001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2008 Sun Microsystems, Inc.
026 */
027 package org.opends.server.admin.std.client;
028
029
030
031 import java.util.Collection;
032 import java.util.SortedSet;
033 import org.opends.server.admin.ConfigurationClient;
034 import org.opends.server.admin.IllegalPropertyValueException;
035 import org.opends.server.admin.ManagedObjectDefinition;
036 import org.opends.server.admin.std.server.CryptoManagerCfg;
037
038
039
040 /**
041 * A client-side interface for reading and modifying Crypto Manager
042 * settings.
043 * <p>
044 * The Crypto Manager provides a common interface for performing
045 * compression, decompression, hashing, encryption and other kinds of
046 * cryptographic operations.
047 */
048 public interface CryptoManagerCfgClient extends ConfigurationClient {
049
050 /**
051 * Get the configuration definition associated with this Crypto Manager.
052 *
053 * @return Returns the configuration definition associated with this Crypto Manager.
054 */
055 ManagedObjectDefinition<? extends CryptoManagerCfgClient, ? extends CryptoManagerCfg> definition();
056
057
058
059 /**
060 * Gets the "cipher-key-length" property.
061 * <p>
062 * Specifies the key length in bits for the preferred cipher.
063 *
064 * @return Returns the value of the "cipher-key-length" property.
065 */
066 int getCipherKeyLength();
067
068
069
070 /**
071 * Sets the "cipher-key-length" property.
072 * <p>
073 * Specifies the key length in bits for the preferred cipher.
074 *
075 * @param value The value of the "cipher-key-length" property.
076 * @throws IllegalPropertyValueException
077 * If the new value is invalid.
078 */
079 void setCipherKeyLength(Integer value) throws IllegalPropertyValueException;
080
081
082
083 /**
084 * Gets the "cipher-transformation" property.
085 * <p>
086 * Specifies the cipher for the Directory Server using the syntax
087 * algorithm/mode/padding.
088 * <p>
089 * The full transformation is required: specifying only an algorithm
090 * and allowing the cipher provider to supply the default mode and
091 * padding is not supported, because there is no guarantee these
092 * default values are the same among different implementations. Some
093 * cipher algorithms, including RC4 and ARCFOUR, do not have a mode
094 * or padding, and hence must be specified using NONE for the mode
095 * field and NoPadding for the padding field. For example,
096 * RC4/NONE/NoPadding.
097 *
098 * @return Returns the value of the "cipher-transformation" property.
099 */
100 String getCipherTransformation();
101
102
103
104 /**
105 * Sets the "cipher-transformation" property.
106 * <p>
107 * Specifies the cipher for the Directory Server using the syntax
108 * algorithm/mode/padding.
109 * <p>
110 * The full transformation is required: specifying only an algorithm
111 * and allowing the cipher provider to supply the default mode and
112 * padding is not supported, because there is no guarantee these
113 * default values are the same among different implementations. Some
114 * cipher algorithms, including RC4 and ARCFOUR, do not have a mode
115 * or padding, and hence must be specified using NONE for the mode
116 * field and NoPadding for the padding field. For example,
117 * RC4/NONE/NoPadding.
118 *
119 * @param value The value of the "cipher-transformation" property.
120 * @throws IllegalPropertyValueException
121 * If the new value is invalid.
122 */
123 void setCipherTransformation(String value) throws IllegalPropertyValueException;
124
125
126
127 /**
128 * Gets the "digest-algorithm" property.
129 * <p>
130 * Specifies the preferred message digest algorithm for the
131 * Directory Server.
132 *
133 * @return Returns the value of the "digest-algorithm" property.
134 */
135 String getDigestAlgorithm();
136
137
138
139 /**
140 * Sets the "digest-algorithm" property.
141 * <p>
142 * Specifies the preferred message digest algorithm for the
143 * Directory Server.
144 *
145 * @param value The value of the "digest-algorithm" property.
146 * @throws IllegalPropertyValueException
147 * If the new value is invalid.
148 */
149 void setDigestAlgorithm(String value) throws IllegalPropertyValueException;
150
151
152
153 /**
154 * Gets the "key-wrapping-transformation" property.
155 * <p>
156 * The preferred key wrapping transformation for the Directory
157 * Server. This value must be the same for all server instances in a
158 * replication topology.
159 *
160 * @return Returns the value of the "key-wrapping-transformation" property.
161 */
162 String getKeyWrappingTransformation();
163
164
165
166 /**
167 * Sets the "key-wrapping-transformation" property.
168 * <p>
169 * The preferred key wrapping transformation for the Directory
170 * Server. This value must be the same for all server instances in a
171 * replication topology.
172 *
173 * @param value The value of the "key-wrapping-transformation" property.
174 * @throws IllegalPropertyValueException
175 * If the new value is invalid.
176 */
177 void setKeyWrappingTransformation(String value) throws IllegalPropertyValueException;
178
179
180
181 /**
182 * Gets the "mac-algorithm" property.
183 * <p>
184 * Specifies the preferred MAC algorithm for the Directory Server.
185 *
186 * @return Returns the value of the "mac-algorithm" property.
187 */
188 String getMacAlgorithm();
189
190
191
192 /**
193 * Sets the "mac-algorithm" property.
194 * <p>
195 * Specifies the preferred MAC algorithm for the Directory Server.
196 *
197 * @param value The value of the "mac-algorithm" property.
198 * @throws IllegalPropertyValueException
199 * If the new value is invalid.
200 */
201 void setMacAlgorithm(String value) throws IllegalPropertyValueException;
202
203
204
205 /**
206 * Gets the "mac-key-length" property.
207 * <p>
208 * Specifies the key length in bits for the preferred MAC algorithm.
209 *
210 * @return Returns the value of the "mac-key-length" property.
211 */
212 int getMacKeyLength();
213
214
215
216 /**
217 * Sets the "mac-key-length" property.
218 * <p>
219 * Specifies the key length in bits for the preferred MAC algorithm.
220 *
221 * @param value The value of the "mac-key-length" property.
222 * @throws IllegalPropertyValueException
223 * If the new value is invalid.
224 */
225 void setMacKeyLength(Integer value) throws IllegalPropertyValueException;
226
227
228
229 /**
230 * Gets the "ssl-cert-nickname" property.
231 * <p>
232 * Specifies the nickname (also called the alias) of the certificate
233 * that the Crypto Manager should use when performing SSL
234 * communication.
235 * <p>
236 * This is only applicable when the Crypto Manager is configured to
237 * use SSL.
238 *
239 * @return Returns the value of the "ssl-cert-nickname" property.
240 */
241 String getSSLCertNickname();
242
243
244
245 /**
246 * Sets the "ssl-cert-nickname" property.
247 * <p>
248 * Specifies the nickname (also called the alias) of the certificate
249 * that the Crypto Manager should use when performing SSL
250 * communication.
251 * <p>
252 * This is only applicable when the Crypto Manager is configured to
253 * use SSL.
254 *
255 * @param value The value of the "ssl-cert-nickname" property.
256 * @throws IllegalPropertyValueException
257 * If the new value is invalid.
258 */
259 void setSSLCertNickname(String value) throws IllegalPropertyValueException;
260
261
262
263 /**
264 * Gets the "ssl-cipher-suite" property.
265 * <p>
266 * Specifies the names of the SSL cipher suites that are allowed for
267 * use in SSL or TLS communication.
268 *
269 * @return Returns the values of the "ssl-cipher-suite" property.
270 */
271 SortedSet<String> getSSLCipherSuite();
272
273
274
275 /**
276 * Sets the "ssl-cipher-suite" property.
277 * <p>
278 * Specifies the names of the SSL cipher suites that are allowed for
279 * use in SSL or TLS communication.
280 *
281 * @param values The values of the "ssl-cipher-suite" property.
282 * @throws IllegalPropertyValueException
283 * If one or more of the new values are invalid.
284 */
285 void setSSLCipherSuite(Collection<String> values) throws IllegalPropertyValueException;
286
287
288
289 /**
290 * Gets the "ssl-encryption" property.
291 * <p>
292 * Specifies whether SSL/TLS is used to provide encrypted
293 * communication between two OpenDS server components.
294 *
295 * @return Returns the value of the "ssl-encryption" property.
296 */
297 boolean isSSLEncryption();
298
299
300
301 /**
302 * Sets the "ssl-encryption" property.
303 * <p>
304 * Specifies whether SSL/TLS is used to provide encrypted
305 * communication between two OpenDS server components.
306 *
307 * @param value The value of the "ssl-encryption" property.
308 * @throws IllegalPropertyValueException
309 * If the new value is invalid.
310 */
311 void setSSLEncryption(Boolean value) throws IllegalPropertyValueException;
312
313
314
315 /**
316 * Gets the "ssl-protocol" property.
317 * <p>
318 * Specifies the names of the SSL protocols that are allowed for use
319 * in SSL or TLS communication.
320 *
321 * @return Returns the values of the "ssl-protocol" property.
322 */
323 SortedSet<String> getSSLProtocol();
324
325
326
327 /**
328 * Sets the "ssl-protocol" property.
329 * <p>
330 * Specifies the names of the SSL protocols that are allowed for use
331 * in SSL or TLS communication.
332 *
333 * @param values The values of the "ssl-protocol" property.
334 * @throws IllegalPropertyValueException
335 * If one or more of the new values are invalid.
336 */
337 void setSSLProtocol(Collection<String> values) throws IllegalPropertyValueException;
338
339 }